Bug 2084479 (CVE-2022-2639)
Summary: | CVE-2022-2639 kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() | | |
---|---|---|---|
Product: | [Other] Security Response | Reporter: | TEJ RATHI <trathi> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | | |
Version: | unspecified | CC: | acaringi, adscvr, airlied, alciregi, bhu, bskeggs, cewang, chwhite, crwood, ctoe, ddepaula, dhoward, dvlasenk, hdegoede, hkrzesin, hpa, jarod, jarodwilson, jburrell, jfaracco, jferlan, jforbes, jglisse, jlelli, joe.lawrence, jonathan, josef, jpoimboe, jshortt, jstancek, jwboyer, jwyatt, kcarcia, kernel-maint, kernel-mgr, kpatch-maint, kyoshida, lgoncalv, linville, lzampier, masami256, mcascell, mchehab, nmurray, ptalbert, qzhao, rauferna, rhandlin, rvrbovsk, scweaver, security-response-team, steved, vkumar, walters, wcosta, williams, xovimir156, ycote |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | | |
Hardware: | All | | |
OS: | Linux | | |
Whiteboard: | | | |
Fixed In Version: | kernel 5.18 | Doc Type: | If docs needed, set a value |
Doc Text: | An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. | | |
Story Points: | --- | | |
Clone Of: | | Environment: | |
Last Closed: | 2023-01-12 13:00:40 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | | Category: | --- |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | | | |
Bug Depends On: | 2020288, 2082023, 2082155, 2096537, 2114971, 2114972, 2114973, 2114974, 2131758, 2137357, 2141614, 2141615, 2141616, 2141617, 2141618, 2141619, 2141620, 2141621, 2141622, 2141655, 2141656, 2141658, 2141659, 2141660, 2141661, 2141662, 2141663, 2141664, 2141665, 2141775, 2141776, 2141777, 2141778, 2141779, 2141780, 2141786, 2141787, 2141788, 2141789 | | |
Bug Blocks: | 2084481 | | |
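
An added illustration of the coercion described in the Doc Text above, not code from the kernel or from this bug report: a user-space model of a size check where a signed difference is compared against an unsigned request size, next to a hardened form. `MODEL_MAX_BUFSIZE`, `MODEL_ALIGN`, `reserve_model` and the sample offsets are assumptions made for the example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

#define MODEL_MAX_BUFSIZE (32 * 1024)                  /* assumed cap, in bytes */
#define MODEL_ALIGN(n) (((size_t)(n) + 3) & ~(size_t)3) /* 4-byte attribute alignment */

/* Flawed shape: once next_offset is past the cap the int difference is
 * negative; converting it to size_t (the cast spells out what C does
 * implicitly in a mixed comparison) yields a huge value, so the
 * "too large" branch is never taken. */
static int over_limit_coerced(int next_offset, size_t req_size)
{
    return (size_t)(MODEL_MAX_BUFSIZE - next_offset) < req_size;
}

/* Hardened shape: reject an out-of-range offset first, so the
 * subtraction can no longer go below zero before the comparison. */
static int over_limit_hardened(int next_offset, size_t req_size)
{
    if (next_offset < 0 || next_offset > MODEL_MAX_BUFSIZE)
        return 1;
    return req_size > (size_t)(MODEL_MAX_BUFSIZE - next_offset);
}

/* Returns the end offset of the reserved region, or -EMSGSIZE. */
long reserve_model(int next_offset, size_t attr_len, int hardened)
{
    size_t req_size = MODEL_ALIGN(attr_len);
    int over = hardened ? over_limit_hardened(next_offset, req_size)
                        : over_limit_coerced(next_offset, req_size);

    if (over)
        return -EMSGSIZE;
    return (long)next_offset + (long)req_size;
}

int main(void)
{
    int off = MODEL_MAX_BUFSIZE + 16; /* constructed: offset already past the cap */

    printf("coerced : %ld\n", reserve_model(off, 24, 0));
    printf("hardened: %ld\n", reserve_model(off, 24, 1));
    printf("in range: %ld\n", reserve_model(1024, 21, 1));
    return 0;
}
```

With the coerced check the model hands back an end offset beyond the cap instead of `-EMSGSIZE`; the hardened check rejects the same input.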
Description
TEJ RATHI
2022-05-12 08:43:51 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8
Via RHSA-2022:7444 https://access.redhat.com/errata/RHSA-2022:7444

This issue has been addressed in the following products: Red Hat Enterprise Linux 8
Via RHSA-2022:7683 https://access.redhat.com/errata/RHSA-2022:7683

This issue has been addressed in the following products: Red Hat Enterprise Linux 9
Via RHSA-2022:7933 https://access.redhat.com/errata/RHSA-2022:7933

This issue has been addressed in the following products: Red Hat Enterprise Linux 9
Via RHSA-2022:8267 https://access.redhat.com/errata/RHSA-2022:8267

This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support
Via RHSA-2022:8765 https://access.redhat.com/errata/RHSA-2022:8765

This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support
Via RHSA-2022:8768 https://access.redhat.com/errata/RHSA-2022:8768

This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support
Via RHSA-2022:8767 https://access.redhat.com/errata/RHSA-2022:8767

This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support
Via RHSA-2022:8809 https://access.redhat.com/errata/RHSA-2022:8809

This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support
Via RHSA-2022:8831 https://access.redhat.com/errata/RHSA-2022:8831

This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Via RHSA-2022:8940 https://access.redhat.com/errata/RHSA-2022:8940

This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Via RHSA-2022:8941 https://access.redhat.com/errata/RHSA-2022:8941

This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
Via RHSA-2022:8989 https://access.redhat.com/errata/RHSA-2022:8989

This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support
Via RHSA-2022:8973 https://access.redhat.com/errata/RHSA-2022:8973

This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support
Via RHSA-2022:8974 https://access.redhat.com/errata/RHSA-2022:8974

This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support
Via RHSA-2022:9082 https://access.redhat.com/errata/RHSA-2022:9082

This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
Via RHSA-2023:0058 https://access.redhat.com/errata/RHSA-2023:0058

This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
Via RHSA-2023:0059 https://access.redhat.com/errata/RHSA-2023:0059

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2022-2639

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days